Failed to load resource: the server responded with a status of 500 (Internal Server Error)

vqlweb.js:7 [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *".

Both the main website (www) and the tableau server (tableau) are in the same domain. Tableau is running behind haproxy. I tried to modify the response headers which eliminated most errors but the Internal server error 500 remains.

We have not yet tried it. It seems like the issue could be larger than they anticipated, or mostly likely they thought it was fixed and it's in fact not fixed. I would open a technical support case and let them know the issue is still persisting.

I'm on it! I'm from the support department, and I'll make sure to let our teams know people are still seeing issues:: If you created a support case, please re-open the case to let the tech assigned to the case in tier two know that the issue is persisting after the upgrade!

Thank you all for letting us know about 2018.1.1 not fixing this issue for you. We've reproduced that internally and are working determining why so that we can be sure the next fix is successful. I have also just followed up with our release notes team to have the release note pulled and the issue put back up on our known issues page.

There is a second thread on this that has a workaround. I'd like to caution that the workaround has a security trade off. See this thread for more details on unrestricted trusted tickets: Trusted Authentication in 2018.1 fails